LEO

A Cyber-as-a-Service Firm

IT/OT Convergence – a Hacker’s view

By Kevin Lackey. It is often repeated by control systems security professionals that a primary difference between IT and OT systems is that while IT’s primary function is to process, record, and retrieve data, the primary function of OT processes is to maintain availability, keep the process running and the production occurring. This idea is [...]

Dev Overflow – Part 7

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Back to Part 6 As previous posts demonstrate, (software) security is a state of mind and not a checkbox to be marked off to meet some criteria, and definitely not something to be added on top of a completed product. The issue of broken [...]

Securing Financial Institution Core Migration

By Seth Jaffe. The Credit Union Information Security Professionals Association held its yearly meeting last week in San Antonio. One of the topics that came up often was core migration, a security issue that just got a booster shot from Tuesday’s article by Brian Krebs on that very subject. One of Krebs’ colleagues received an [...]

Filtering Out the Noise – Product Evals Using Trello

By: Rob Beason. One of the most important challenges facing all organizations is product selection. Most tools or solutions are significant investments, which no business can afford to get wrong. How do you determine if a solution is the right fit for your needs? How do you know if what you're buying is just vaporware [...]

Dev Overflow – Part 6

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Back to Part 5 As the following meme suggests, if you fail to disallow arbitrary execution or even inclusion of untrusted instructions in your programs, you really are going to have a bad time that will likely cost you dearly at some point. A4 [...]

Cracking the Enigma of Reputational Risk

By: Justin Silbert. In reporting on the consequences of an incident, CISOs and other security professionals should be focused on the costs of the incident. Fixed costs, both direct and indirect, associated with recovery, forensic investigation, regulatory fines, customer notifications, and legal services should be addressed first. Once there is a grasp of the fixed [...]

Seven Steps to Enforce Security From the Inside Out

By: Justin Silbert. Traditional cybersecurity practitioners and almost all IT staff view their security architecture as a defense in depth strategy starting at the network perimeter. But both the threats and the environments continue to adapt every day in ways that we cannot anticipate. Today’s malware is designed to exploit zero-day vulnerabilities and continuously mutate [...]

Dev Overflow – Part 5

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. Back to Part 4 Is your application vulnerable to sensitive data exposure? To answer that question, we need to know if it is storing sensitive data. Naturally, we cannot answer the latter without knowing what those sensitive data are in a given context. A3 [...]

What the Hawaii Missile Scare Can Teach Incident Response Teams

By Seth Jaffe. Heads finally rolled over at Hawaii’s Emergency Management Agency. What can the incident response community take away from this latest real-life example? Procedures, Rules, and Communication Protocols, which are the underlying principles of a modern incident response program. I’ve written about all three in prior incident response posts, but let’s apply them [...]

Dev Overflow – Part 4

By Mikhail Sudakov, Cyber Security Architect and Analyst, LEO Cyber Security. This post is a direct continuation of my previous post on broken authentication and session management, which was split into two parts. You might want to review Part 3 (Back to Part 3) before proceeding. A2 - Broken Authentication (Cont.) Source: an "Office Space" [...]

Security Provisions Negotiation in the Wake of the OCC Risk Report

By Seth Jaffe. The “severity of cyber threats is increasing.” It’s something most of us inherently understand, but now we have the Department of the Treasury’s Office of the Comptroller of the Currency (“OCC”) weighing in with its Fall Risk Report for banks and savings associations. The OCC has been sounding the alarm for years [...]

The Hidden Benefit of Security Conferences

By Torry Crass. I've been going to security conferences for a while now, a bunch of them: BlackHat, DefCon, RSA, and a smattering of BSides and various other conferences in my area. Sometimes I present, at others I volunteer, and at the rest I'm simply an attendee. Conferences are a great resource in the security community [...]